星期二, 12月 19, 2006
PISA Comments on HKSAR Digital 21 Paper
PISA working group (Howard Lau, Wallace Wong, Stanley Wong, Henry Ng and Antony Ma) has some discussions on HKSAR Digital 21 Consultation Paper and Howard helped us to consolidate the comments. Below is a open letter sent to OGCIO.
Your comments are welcomed and we hope this will serve as an initial discussion of how we should do to better Hong Kong Information Security.
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
Office of the Government Chief Information Officer
Commerce, Industry and Technology Bureau
2/F, Murray Building
Garden Road
Hong Kong
E-mail: digital21<>ogcio.gov.hk
Dear Sir/Madam,
Professional Information Security Association (PISA) is a non-profitable organization for local information security professionals. Our objective is to promote security awareness to the ICT industry and general public in Hong Kong, utilizing our expertise and knowledge to help bringing prosperity to the society in the Information Age.
Electronic Health Records
PISA welcomes the initiative on Electronic Health Records. Inside the draft 2007 Digital 21 Strategy, Information security and privacy of Electronic Health Records have been addressed. If there is further specific consultation about this system, PISA is willing to share ideas on implementation and practical aspects on information security and privacy.
Cyber-crime Prevention, Data Protection, Framework for Network and InformationSecurity Emergency Responses
In order to keep the competitiveness of different industries in Hong Kong, we highly recommend to enhance ICT Security for Business Continuity and Infrastructure Resiliency. We should also have plans for Cyber-crime Prevention, Data Protection, Framework for Network and Information Security Emergency Responses. Our information shows that some other countries and China Mainland have already done some preparations on this direction. In Singapore, the following systems or projects have been suggested and implemented
In May 2005, China Government gave declaration about the significance of Network and Information Security in an ASEAN meeting. “Network and information security is an important component of the information society, and a precondition for fostering public confidence in using ICT. It has been strongly recognized that the network and information security in the region are faced with a severe challenge. Communications and cooperation should be strengthened in the field of network and information security, and an ASEAN China Coordination Framework for Network and Information Security Emergency Responses should be established.” Therefore, Hong Kong should play a more active role in network and information security.
Local Education on ICT Sceurity and Ethics
PISA believes that just to promote ICT Security is not enough. We should strengthen ethics education in this Internet Age.
PISA suggests Hong Kong education strategy should clearly include computer ethics in different levels of education. These are about cyber-crime, copyright protection, DRM, privacy, and usage responsibility.
We appreciate our opinions to be considered. Please contact me at telephone 81046800 or email: howard.lau<>pisa.org.hk.
Yours faithfully,
Mr. Howard Lau
Chairperson
Professional Information Security Association
Your comments are welcomed and we hope this will serve as an initial discussion of how we should do to better Hong Kong Information Security.
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
Office of the Government Chief Information Officer
Commerce, Industry and Technology Bureau
2/F, Murray Building
Garden Road
Hong Kong
E-mail: digital21<>ogcio.gov.hk
Dear Sir/Madam,
Comments on the draft 2007 Digital 21 Strategy
Professional Information Security Association (PISA) is a non-profitable organization for local information security professionals. Our objective is to promote security awareness to the ICT industry and general public in Hong Kong, utilizing our expertise and knowledge to help bringing prosperity to the society in the Information Age.
Electronic Health Records
PISA welcomes the initiative on Electronic Health Records. Inside the draft 2007 Digital 21 Strategy, Information security and privacy of Electronic Health Records have been addressed. If there is further specific consultation about this system, PISA is willing to share ideas on implementation and practical aspects on information security and privacy.
Cyber-crime Prevention, Data Protection, Framework for Network and InformationSecurity Emergency Responses
In order to keep the competitiveness of different industries in Hong Kong, we highly recommend to enhance ICT Security for Business Continuity and Infrastructure Resiliency. We should also have plans for Cyber-crime Prevention, Data Protection, Framework for Network and Information Security Emergency Responses. Our information shows that some other countries and China Mainland have already done some preparations on this direction. In Singapore, the following systems or projects have been suggested and implemented
- National Cyberthreat Monitoring Center (NCMC).
The NCMC project will provide the capabilities to monitor network traffic and respond to malicious events. - Business Continuity Readiness Assessment Framework
- Infocomm Security Health Scorecard
In May 2005, China Government gave declaration about the significance of Network and Information Security in an ASEAN meeting. “Network and information security is an important component of the information society, and a precondition for fostering public confidence in using ICT. It has been strongly recognized that the network and information security in the region are faced with a severe challenge. Communications and cooperation should be strengthened in the field of network and information security, and an ASEAN China Coordination Framework for Network and Information Security Emergency Responses should be established.” Therefore, Hong Kong should play a more active role in network and information security.
Local Education on ICT Sceurity and Ethics
PISA believes that just to promote ICT Security is not enough. We should strengthen ethics education in this Internet Age.
PISA suggests Hong Kong education strategy should clearly include computer ethics in different levels of education. These are about cyber-crime, copyright protection, DRM, privacy, and usage responsibility.
We appreciate our opinions to be considered. Please contact me at telephone 81046800 or email: howard.lau<>pisa.org.hk.
Yours faithfully,
Mr. Howard Lau
Chairperson
Professional Information Security Association
